· @postmodern
873 followers · 569 posts · Server infosec.exchangeCan anyone tell me what the second field (1pQcTx) is in a Django session cookie? Google isn't giving me any answers.
sessionid=eyJmb28iOiJiYXIifQ:1pQcTx:UufiSnuPIjNs7zOAJS0UpqnyvRt7KET7BVes0I8LYbA
``
It appears to be a Base64 encoded four byte string:
"\xD6\x94\x1CO"
If I unpack it as a network byte-order 32bit unsigned int:
3600030799
If I try to convert that to a UNIX timestamp, I get some far off future date:
2084-01-29 16:33:19 -0800
The number does appear to be incrementing on each request, so I'm guessing a `request_id` or timer?
#django #sessioncookie
Tarnkappe.info · @tarnkappeinfo
1529 followers · 3787 posts · Server social.tchncs.de
📬 EvilProxy vereinfacht Diebstahl wertvoller Login-Daten trotz MFA
#Hacking #AuthentifizierungsToken #LoginFormular #MultiFaktorAuthentifizierung #PhishingasaService #ReverseProxy #SessionCookie #TORNetzwerk https://tarnkappe.info/artikel/hacking/evilproxy-vereinfacht-diebstahl-wertvoller-login-daten-trotz-mfa-255309.html
#tornetzwerk #sessioncookie #reverseproxy #PhishingasaService #MultiFaktorAuthentifizierung #LoginFormular #AuthentifizierungsToken #hacking